Method of conducting financial transactions

ABSTRACT

A method is provided of conducting a financial transaction with reduced likelihood of fraud where a first party&#39;s financial account information is entered using the first party&#39;s mobile device with a single initial entry to a payment service. Funds are transferred to and/or from the first party&#39;s financial account using the payment service. The first party is registered with the payment service, or becomes registered prior to transferring funds to and/or from the financial account using the payment service. For future uses of the first party&#39;s financial account to transfer funds to and/or from the first party&#39;s financial account, the first party&#39;s financial account information need not be entered again with the payment service. In response to, (i) entering the first party&#39;s financial account information or (ii) using the first party&#39;s mobile device for a financial transaction following the single initial entry to the payment service, a determination is made to see if a fraudulent attempt or fraudulent use of the first party&#39;s financial account information is committed.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of U.S. Ser. No. 12/903,753,U.S. Ser. No. 12/903,823, both filed Oct. 13, 2010, U.S. Ser. No.12/985,822 and U.S. Ser. No. 12/895,982, both filed January, 2011, U.S.Ser. No. 13/010,796, filed Jan. 21, 2011 and U.S. Ser. No. 13/012,495,filed Jan. 24, 2011, all of which applications are incorporated hereinby reference.

This application is related to U.S. Ser. No. 12/456,134, filed Jun. 10,2009, and is hereby incorporated herein by reference.

This application is also related to U.S. Ser. No. 12/707,228, which is acontinuation of U.S. Ser. No. 12/050,752 filed Mar. 18, 2008, which is acontinuation of U.S. Ser. No. 10/355,557 filed Jan. 31, 2003, whichclaims the benefit of U.S. Ser. No. 60/355,667 filed Feb. 5, 2002, U.S.Ser. No. 60,356,861 filed Feb. 12, 2002, and U.S. Ser. No. 60,361,646filed Mar. 4, 2002, all of which applications are fully incorporatedherein by reference.

BACKGROUND

1. Field of the Invention

The present invention relates generally to systems and methods ofconducting financial transactions, and more particularly to systems andmethods of conducting financial transactions using a mobile device thatreceives financial information from a financial transaction instrumentin a secure way with reduced fraud.

2. Description of the Related Art

Plastic cards having a magnetic stripe embedded on one side of the cardare prevalent in everyday commerce. These cards are used in varioustransactions such as to pay for purchases by using a credit card, adebit card, or a gasoline charge card. A charge card or a debit card mayalso be used to transact business with a bank through use of anautomated teller machine (ATM). The magnetic stripe card is capable ofstoring data by modifying the magnetism of magnetic particles embeddedin the stripe. The data stored on the magnetic stripe may be sensed orread by swiping the stripe past a read head. The analog waveformobtained by sensing the magnetic stripe must undergo a process known asdecoding to obtain the digital information stored in the magnetic stripeof the card.

Currently, there are hundreds of magnetic stripe readers/swipers on themarket, all of them are at least as long as the credit card itself.These existing readers/swipers can be classified as either platform cardreaders or plunge card readers. Platform card readers are traditionalcard swipers with single rails, which allow a card to be held againstthe base of the reader by the user and moved across the read head of thereader. Plunge swipers guide a card by two sets of rails and a backstop.Once the user has inserted the card against the backstop, the card isread as it is removed from the plunge swipers. Plunge swipers are commonon ATMs and other self-pay devices because they are less prone tohacking.

Magnetic stripe cards having standard specifications can typically beread by point-of-sale devices at a merchant's location. When the card isswiped through an electronic card reader, such as a platform cardreader, at the checkout counter at a merchant's store, the reader willusually use its built-in modem to dial the number of a company thathandles credit authentication requests. Once the account is verified andan approval signal will be sent back to the merchant to complete atransaction.

Although magnetic stripe cards are universally used by merchants, thereis no way for an individual to take advantage of the card to receive apayment from another individual (who is not a merchant) by swiping thecard through a simple reader attached to his/her mobile device. For anon-limiting example, one person may owe another person money for adebt, and the conventional way to pay the debt is to provide cash or acheck. It would be convenient to be able to use a credit card or a debitcard to pay off the debt. In addition, it is advantageous for anindividual to make payment to another individual or merchant by swipinghis magnetic stripe card through a reader connected to a mobile device.

Credit account fraud costs companies millions of dollars per year.Additionally, companies spend large amounts of time and money trying toreduce credit account fraud. Many transactions involving credit accountsand credit cards occur via the Internet every day. Establishing theidentity of the person using a credit card or credit account via theInternet is nearly impossible.

Currently, in the credit card industry there are several ways to helpmerchants verify that credit card information is actually coming fromthe cardholder and not a person trying to commit fraud. Unfortunately,none has proven to be effective all of the time.

One method is ZIP code verification. This process occurs when either awebsite prompts a cardholder to enter their billing ZIP code whencompleting a purchase form or when an operator verbally requests thisinformation during a telephone transaction. When an order is placed, amatch or no match is given based on whether or not the accurate ZIP codeinformation was given.

Another fraud prevention method is additional number verification.Credit card issuers are now including extra digits on cards that areonly visible to someone physically holding a card. These numbers usuallyappear on the front or back of a card. The idea behind this securitymeasure is that only the person holding the card would have access tothese numbers. For example, if a thief stole a credit card receipt itcould contain the account number and the expiration date, but would nothave these extra digits.

The problem with these verification methods is they are not fool proofin preventing fraud in the case where someone has physically stolen thecard, piece of mail, or a company's internal database.

Similar problems exist for controlling access to usage ofphysical/informational resources, and access of secured areas.

SUMMARY OF THE INVENTION

An object of the present invention is to provide methods of conducting afinancial transaction with reduced likelihood of fraud where a firstparty's financial transaction instrument information is sent externallyto a mobile device which sends it to a payment system.

Another object of the present invention it to provide methods fordetecting fraudulent use of a party's financial account information,comprising with a financial transaction card and a mobile device where afirst party's financial account information is sent to the mobile deviceand then to a payment system.

A further object of the present invention is to provide methods ofconducting financial transaction with a financial transaction instrumentand a cell phone with reduced fraud, where a tab is opened by a firstparty that can be selected by a second party at any geographic locationof a first party's mobile device, and the second party is only able tocharge the first party's financial transaction instrument when the firstparty's mobile device is within a defined geographic area.

Yet another object of the present invention is to provide methods ofconducing on-line purchases using a mobile device and a financialtransaction instrument with reduced fraud, where a first party enterspersonal identifying information that is sent to a payment service andreceives a push notification to the first party's mobile device thatenables the first party to complete the transaction with a second partyon-line entity.

These and other objects of the present invention are achieved in amethod of conducting a financial transaction with reduced likelihood offraud where a first party's financial account information is enteredusing the first party's mobile device with a single initial entry to apayment service. Funds are transferred to and/or from the first party'sfinancial account using the payment service. The first party isregistered with the payment service, or becomes registered prior totransferring funds to and/or from the financial account using thepayment service. For future uses of the first party's financial accountto transfer funds to and/or from the first party's financial account,the first party's financial account information need not be enteredagain with the payment service. In response to, (i) entering the firstparty's financial account information or (ii) using the first party'smobile device for a financial transaction following the single initialentry to the payment service, a determination is made to see if afraudulent attempt or fraudulent use of the first party's financialaccount information is committed.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device with a single initialentry to a payment service. Funds are transferred from the first party'sfinancial account to a second party using the payment service. The firstparty is either registered with the payment service, or becomesregistered prior to transferring funds to and/or from the first party'sfinancial account using the payment service. For future uses of thefirst party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device with a single initialentry to the payment service. The first party's financial account isselected from at least one of, a bank account, credit card, debit card,pre-paid card and a third party funding source. Funds are transferred toand/or from the first party's financial account using the paymentservice. The first party is either registered with the payment service,or becomes registered prior to transferring funds to and/or from thefinancial account using the payment service. For future uses of thefirst party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial account information isentered using the first party's mobile device with a single initialentry to a payment service. The first party's financial account isselected from at least one of, a bank account, credit card, debit card,pre-paid card and a third party funding source. Funds are transferredfrom the first party's financial account to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial account using the payment service. For futureuses of the first party's financial account to transfer funds to and/orfrom the first party's financial account, the first party's financialinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device with asingle initial entry to a payment service. For future uses of the firstparty's financial transaction card to transfer funds to and/or from thefirst party's financial transaction card, the first party's financialtransaction card information need not be entered again with the paymentservice. In response to, (i) entering the first party's financialtransaction card information or (ii) using the first party's mobiledevice for a financial transaction following the single initial entry tothe payment service, a determination is made to see if a fraudulentattempt or fraudulent use of the first party's financial accountinformation is committed.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device with asingle initial entry to a payment service. Funds are transferred fromthe first party's financial transaction card to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial transaction card using the payment service. Forfuture uses of the first party's financial transaction card to transferfunds to and/or from the first party's financial transaction card, thefirst party's financial transaction card information need not be enteredagain with the payment service the first party's financial. In responseto, (i) entering the first party's financial transaction cardinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party accesses names of one or morequalified second parties. The qualified second parties are defined assecond parties having an association with the payment service, andsecond parties that if they do not have an established association withthe payment service, have an established association with the paymentservice prior to payment. The first party has an association with thepayment service. A tab is opened by the first party that can be selectedby the qualified second party at any geographic location of a firstparty's mobile device. The qualified second party is only able to chargea first party's financial account when the first party's mobile deviceis within a defined geographic area. The tab is a relationship betweenthe first party, the payment service and the qualified second party. Thequalified second party can engage in a financial transaction with thefirst party when the first party is within the defined geographic area.In response to the second party, (i) attempting to charge the firstparty or (ii) charging the first party, a determination is made to seeif a fraudulent attempt or fraudulent use of the first party's financialaccount is committed.

In another embodiment, names of one or more qualified second parties areaccessing by the first party with the first party's mobile device. Thesecond parties have an association with the payment service, or if nothave one prior to payment. The first party has an association with thepayment service. A tab is opened by the first party that can be selectedby the qualified second party at any geographic location of the firstparty's mobile device. The qualified second party is only able to chargea first party's financial transaction card when the first party's mobiledevice is within a defined geographic area. The qualified second partycan engage in a financial transaction with the first party when thefirst party is within the defined geographic area. In response to theuse of the first party's mobile device to pay the second party, adetermination is made to see if a fraudulent attempt or fraudulent useof the first party's financial transaction card is committed.

In another embodiment, a first party accesses a second party on-lineentity. The mobile device is configured to communicate with the paymentservice. The first party considers conducting a transaction with thesecond party on-line entity. The second party on-line entity isregistered with the payment service or in response to the first party'sdesire to transact with the second party on-line entity, the secondparty on-line entity becomes registered with the payment service. Thefirst party enters personal identifying information that is sent to thepayment service. The first party receives a push notification to thefirst party's mobile device that enables the first party to complete thetransaction with the second party on-line entity. In response to thefirst party receiving the push notification to the first party's mobiledevice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

In another embodiment, a first party visits a second party on-lineentity. The first party considers conducting a transaction with thesecond party on-line entity. The first party enters personal identifyinginformation using the first party's mobile device and this is sent tothe payment service. The first party receives a push notification of thefirst party's mobile device that enables the first party to complete thetransaction with the second party on-line entity. In response to thefirst party receiving the push notification to the first party's mobiledevice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts an example of a system diagram to support financialtransaction between a payer and a payee through a miniaturized cardreader connected to a mobile device.

FIG. 2 depicts an example of an external structural diagram of aminiaturized card reader.

FIGS. 3( a)-(b) depict examples of actual card reader with miniaturizeddesign.

FIGS. 4( a)-(b) depict examples of alignment between read head of thecard reader and magnetic stripe of card being swiped.

FIG. 5 depicts an example of a TRS connector as a part of card reader.

FIGS. 6( a)-(c) depict examples of internal structures of a miniaturizedcard reader.

FIGS. 7( a)-(b) depict examples of waveforms of data read from one trackof the magnetic stripe by read head when the card is swiped through theslot of the card reader in the forward and reverse directions,respectively.

FIG. 8 depicts a flowchart of an example of a process to support swipingof a card with a magnetic stripe through a miniaturized portable cardreader.

FIG. 9 depicts an example of schematic diagram of passive ID circuitryembedded in the card reader.

FIG. 10 depicts an example of schematic diagram that contains additionalcomponents of passive ID circuitry 22 that contribute to the userexperience.

FIG. 11 depicts an example of an implementation for passive ID circuitry22 depicted in FIG. 10.

FIG. 12 depicts a flowchart of an example of a process to deliver theunique ID to mobile device via the passive ID circuitry.

FIG. 13 depicts an example of additional encryption and/or decryptionsystems included in the passive ID circuitry for encrypting anddecrypting of unique ID of card reader.

FIG. 14 depicts a flowchart of an example of a process to supportdecoding of incoming signals from swiping of a card with a magneticstripe through a miniaturized portable card reader.

FIG. 15 depicts a flowchart of an example of a process to supportfinancial transaction between a payer and a payee through a miniaturizedcard reader connected to a mobile device.

FIGS. 16( a)-(f) depict screenshots of an example of a financialtransaction between a purchaser and a merchant through a miniaturizedcard reader connected to a mobile device.

FIG. 17 illustrates an integrated read head/mobile device embodiment ofthe present invention.

FIG. 18 illustrates one embodiment of a method of making payments usinga mobile device where a tab is opened by a first party and is selectedby a qualified second party at any geographic location of the firstparty's mobile device.

FIG. 19 illustrates an overall system architecture of a payment servicethat can be used in various embodiments of the present invention.

FIG. 20 illustrates an embodiment of the present invention for a methodof conducing on-line purchases using a mobile device.

FIG. 21 illustrates an embodiment of the present invention where amethod is provided for transferring funds to and/or from a first party'sfinancial account, and the first party's financial account informationis entered with a single initial entry to the payment service and forfuture payments the information need not be re-entered.

FIG. 22 illustrates an embodiment of the present invention with a springmember attached to the read head to provide for increased accuracy andread head adjustment

FIG. 23 illustrates one embodiment of the present invention with a cardreader, mobile device and payment system.

FIG. 24 illustrates one embodiment of the present invention where theoutput from a read of the track goes to an amplifier, differentiator,into a comparator and then into a microcontroller,

FIG. 25 illustrates one embodiment of the present invention where a cardreader accepts a raw signal from a read head and processes the financialtransaction card read on the fly.

FIG. 26. illustrates one embodiment of the present invention where theslot of a read head has directionality.

FIG. 27 illustrates an embodiment of the present invention where theread head includes a power source.

FIG. 28 is a schematic view, according to another embodiment of thepresent invention, showing a payment device-not-present transaction.

FIG. 29 is a schematic view illustrating a payment device presenttransaction according to one embodiment of the present invention;

FIG. 30 is a schematic view illustrating a security device-presenttransaction according to one embodiment of the present invention.

DETAILED DESCRIPTION

The approach is illustrated by way of example and not by way oflimitation in the figures of the accompanying drawings in which likereferences indicate similar elements. It should be noted that referencesto “an” or “one” or “some” embodiment(s) in this disclosure are notnecessarily to the same embodiment, and such references mean at leastone.

FIG. 1 depicts an example of a system diagram to support financialtransaction between a payer and a payee through a miniaturized cardreader connected to a mobile device. Although the diagrams depictcomponents as functionally separate, such depiction is merely forillustrative purposes. It will be apparent that the components portrayedin this figure can be arbitrarily combined or divided into separatesoftware, firmware and/or hardware components. Furthermore, it will alsobe apparent that such components, regardless of how they are combined ordivided, can execute on the same host or multiple hosts, and whereinmultiple hosts can be connected by one or more networks.

In the example of FIG. 1, the system includes a mobile device 100, aminiaturized card reader 10 connected to mobile device 100, a decodingengine 110, a user interaction engine 120, and a transaction engine 130,all running on mobile device 100. Additionally, the system may alsoinclude one or more of user database 140, product or service database150, and transaction database 160, all coupled to the transaction engine130.

As used herein, the term engine refers to software, firmware, hardware,or other component that is used to effectuate a purpose. The engine willtypically include software instructions that are stored in non-volatilememory (also referred to as secondary memory). When the softwareinstructions are executed, at least a subset of the softwareinstructions is loaded into memory (also referred to as primary memory)by a processor. The processor then executes the software instructions inmemory. The processor may be a shared processor, a dedicated processor,or a combination of shared or dedicated processors. A typical programwill include calls to hardware components (such as I/O devices), whichtypically requires the execution of drivers. The drivers may or may notbe considered part of the engine, but the distinction is not critical.

As used herein, the term database is used broadly to include any knownor convenient means for storing data, whether centralized ordistributed, relational or otherwise.

In the example of FIG. 1, mobile device 100 to which the portable cardreader 10 is connected to can be but is not limited to, a cell phone,such as Apple's iPhone, other portable electronic devices, such asApple's iPod Touches, Apple's iPads, and mobile devices based onGoogle's Android operating system, and any other portable electronicdevice that includes software, firmware, hardware, or a combinationthereof that is capable of at least receiving the signal, decoding ifneeded, exchanging information with a transaction server to verify thebuyer and/or seller's account information, conducting the transaction,and generating a receipt. Typical components of mobile device 100 mayinclude but are not limited to persistent memories like flash ROM,random access memory like SRAM, a camera, a battery, LCD driver, adisplay, a cellular antenna, a speaker, a Bluetooth circuit, and WIFIcircuitry, where the persistent memory may contain programs,applications, and/or an operating system for the mobile device.

In one embodiment of the present invention a system is provided withtransaction engine 130 running on mobile device 100. In response to afinancial transaction between a buyer and a seller, the mobile device100 accepts information selected including but not limited toinformation from financial transaction or information pertaining tofinancial transaction card used by the buyer in the transaction.Additionally, a financial transaction device can be utilized.Non-limiting examples of financial transaction devices include but arenot limited to a, wristband, RFID chip, cell phone, biometric marker andthe like. At least a portion of this information is communicated with athird party financial institution or payment network to authorize thetransaction. The buyer receives confirmation of the payment. Paymentconfirmation can be in real time by a payment service.

Payment confirmation can be made with a communication channel of thebuyer's choice. As non-limiting examples, confirmation of payment can bean electronic notification in the form selected from at least one of,email, SMS message, tweet (message delivered via Twitter), instantmessage, communication within a social network and the like.

In response to the transaction, a confirmation is made that the buyer isauthorized to use the financial transaction card in order to preventfraud. There can also be a confirmation that there are sufficient fundsfor the purchase made by the buyer.

In one embodiment, it is determined that that the buyer, authorized touse the financial transaction card, is present with the seller at thetime of the financial transaction.

Miniaturized Card Reader

In the example of FIG. 1, miniaturized card reader 10 is configured toread data encoded in a magnetic strip of a card being swiped by a buyerand send a signal that corresponds to the data read to mobile device 100via a signal plug 18. This signal is at least partially if not fullydecoded in the mobile device 100.

The size of card reader 10 is miniaturized to be portable for connectionwith mobile device 100. For a non-limiting example, the size of cardreader 10 can be miniaturized to an overall length of less than 1.5″. Inaddition, the miniaturized card reader 10 is also designed to reliablyread the card with minimum error via a single swipe by counteractingvendor specific filtering done by mobile device 100. Note that thisbroad overview is meant to be non-limiting as components to this processare represented in different embodiments. For instance the decodingengine 110 can be embedded in the card reader 10 as shown in FIG. 13 asthe decoding system 42. FIG. 2 depicts an example of an externalstructural diagram of miniaturized card reader 10. Although the diagramsdepict components as functionally separate, such depiction is merely forillustrative purposes. It will be apparent that the components portrayedin this figure can be arbitrarily combined or divided into separatesoftware, firmware and/or hardware components.

In the example of FIG. 2, miniaturized card reader 10 is shown tocomprise at least a housing 12 having a slot 14, a read head 16 embeddedon a wall of slot 14, a signal plug 18 extending out from the housing12, and an optional passive ID circuit 22.

FIG. 3( a) depicts an example of an actual card reader with miniaturizeddesign and FIG. 3( b) depicts other examples of miniaturized card readerwith width around 0.5″.

The card reader 10 includes the slot 14 and is miniaturized relative tothe size of the mobile device 100. In some embodiments, the housing 12is not included.

In one embodiment, the slot 14 is configured to maintain contact betweenthe read head 16, and the magnetic stripe of the financial transactioncard during a swipe. The signal is decoded in the mobile device 100. Thedecoding includes determining pulses in the signal and converting atleast some of the pulses to characters. In one embodiment, the slot 14has a width of no greater than 1 mm. The width of the slot 14 issufficient to enable a successful swiping of the financial transactioncard, while producing the signal. It is sized to enable the successfulswipe without creating sufficient torque between the signal plug 18 oroutput jack and the read head 16 or at the mobile device 100 to causedamage due to excessive torque. If the slot 14 is too wide, then it ismore difficult to achieve a successful swipe that produce the signal. Ifthere is a miss, or insufficient data is generated, then the resultingsignal is not competent. If the slot 14 is too narrow, then thefinancial transaction card can not be swiped. The size of the slot 14 isselected to reduce torque as discussed above. Additionally, in oneembodiment, the output jack 18 is at least partially if not fullyrotatable relative to the port it is coupled to in the mobile device100. The decoding includes error checking. In one embodiment, thedecoding includes detecting that data in the signal is from thefinancial transaction card, seeing the beginning and ending sentinelsand reconstructing data in the signal from a pattern of pulses.

In one embodiment of the present invention, the mobile device 100 has anaudio input port, a line input port a USB port and others. In oneembodiment, a sampling rate of the signal at the audio input port or aline input port of the mobile device is at least 15 kHZ. In variousother embodiments, the sample rate of the signal at the audio input portor line import port can be, least 20 kHz; at least 25 kHz, at least 30kHz, at least 35 kHz or at least 40 kHz.

In one embodiment, the slot 14 is oriented and sized to reduce torqueapplied on the read head 10 when the financial transaction card isswiped through the slot 14 in order to maintain accuracy and reliabilityof the data read by the read head 10.

In the example of FIG. 2, housing 12 of card reader 10 is designed to beasymmetrical with respect to slot 14, with texture such as logo on oneside of the housing that can be felt and recognized by a user with atouch of a finger. For correct swiping of the card, the texture side ofhousing 12 should match with the texture (front) side of the card, sothat a user can easily identify the right side of the reader to swipethe card through slot 14 without actually looking at the reader or card.Even a blind person is able to swipe the card correctly by matching thetexture side of the reader with the texture side of the card.

In the example of FIG. 2, the slot 14 is wide enough and deep enough toaccept a card having a magnetic stripe so that the stripe will fitwithin the slot 14. More importantly, the slot 14 is configured toreduce the torque applied on the reader 10 when the card is swipedthrough slot 14 in order to maintain accuracy and reliability of thedata read by read head 16. Since the size of card reader 10 isminiaturized, slot 14 also has a length that is significantly less thanthe length of the card to be inserted into the slot 14.

To correctly read the data on the magnetic stripe of the card, the readhead 16 must maintain contact with the stripe as the card moves pastslot 14. If the card rocks during the swipe, the alignment of the head12 with the stripe may be compromised. As the length of the slot 14,i.e., the card path through which the card swiped though slot 14, isshortened, rocking and head alignment may become significant issues. Asshown in FIG. 4( a), if the magnetic stripe card is swiped throughwithout the base of the card resting against the flat bottom piece, themagnetic stripe will not align with the read head 16 when the card isswiped through slot 14 having a flat base 15.

In some embodiments, the base 15 of slot 14 can be changed from flat toa curved base with a radius in order to increase contact between theread head 16 and the magnetic stripe to address the rocking problem. Asshown in FIG. 4( b), the read head 16 can maintain contact with themagnetic stripe, even with some additional error due to the gradation ofcontact introduced by the curved base 15.

FIG. 5 depicts an example of signal plug 18 as part of card reader 10.Here, signal plug 18 can be but is not limited to a TRS (tip, ring,sleeve) connector also known as an audio plug, phone plug, plug plug,stereo plug, mini-plug, or a mini-stereo audio connector. The signalplug 18 may be formed of different sizes such as miniaturized versionsthat are 3.5 mm or 2.5 mm.

In some embodiments, signal plug 18 may be retractable within thehousing 12. In some embodiments, signal plug 18 is configured to extendbeyond housing 12 of the reader in order to accommodate connection withmobile devices 100 having cases or having a recessed plug-in socket,wherein the socket can be but is not limited to a microphone inputsocket or a line in audio input of the mobile device.

In some embodiments, housing 12 of card reader 10 is made ofnon-conductive material such as plastic so that the reader will notinterfere with the function of mobile device 100 it is connected with.Such choice of material is important since the outer case of certainmobile devices, such as iPhone 4, is conductive and serves as an antennafor the device, which function could potentially be interfered with ifthe metal case of the device gets in touch with the housing of a cardreader made of conductive material.

FIG. 6( a) depicts an example of an internal structural diagram of aminiaturized card reader. Although the diagrams depict components asfunctionally separate, such depiction is merely for illustrativepurposes. It will be apparent that the components portrayed in thisfigure can be arbitrarily combined or divided into separate software,firmware and/or hardware components.

In the example of FIG. 6( a), the internal structure inside housing 12of card reader 10 is shown to comprise at least a read head 16 withembedded circuitry, and a spring structure 20 to support read head 16.FIG. 6( b) depicts an example of an internal structure an actualminiaturized card reader. FIG. 6( c) depicts an example of separatedcomponents of read head 16 and spring structure 20 used in the actualminiaturized card reader.

In the example of FIGS. 6( a)-(c), read head 16, which for anon-limiting example, can be an inductive pickup head, detects andprovides data stored in the magnetic stripe of a card to a connectedmobile device 100. More specifically, as the magnetic stripe of a cardis swiped through slot 14 and in contact with read head 16, the cardreader device 10 reads one or more tracks of data or information storedin the magnetic stripe of the card via the detection circuitry embeddedinside the read head. Here, data stored in the magnetic stripe may be inthe form of magnetic transitions as described in the ISO 7811 standards.As the card moves past the read head 16, magnetic transitionsrepresenting data induce a voltage or waveform in a coil (not shown) ofread head 16 due to such relative movement between read head 16 and thestripe (called the Hall Effect), wherein a resistor (not shown) insideread head 16 sets the amplitude of the waveform. This waveform is sentvia the signal plug 18 into the socket which is registered by themicrophone of the mobile device 100 connected with card reader 10.

In some embodiments, read head 16 in card reader is capable of readingonly one track of data (either track 1 or 2, but not both) from themagnetic stripe in order to reduce the size and structural complexity ofcompact read head 16 as only one pin needs to be included in the readhead. FIGS. 7( a)-(b) depict examples of waveforms of data read fromtrack 1 (instead of both tracks 1 and 2 as by a traditional read head)of the magnetic stripe by read head 16 when the card is swiped throughslot 14 in the forward and reverse directions, respectively.

In some embodiments, the size or thickness of the housing 12 of cardreader 10 is configured to be narrow enough to accommodate only a singleread head 16. Such design is intended to be tampering-proof so that evenif the housing 12 is tampered with, no additional circuitry can be addedto the card reader 10 and such tampering will render the card readernon-functional.

In the example of FIGS. 6( a)-(c), spring structure 20 is a flexiblespring mounting to read head 16 without a screw, causing the read headto be suspended to housing 12 of card reader 10. Here, spring 20 caneither be connected to housing 12 via screws or welded to plastichousing 12 without using any screws. As the card moves past theread-head 16 on the miniaturized card reader, any card bending ormisalignment may cause the read head to lose contact with the magneticstripe. Spring 20 allows suspended read head 16 to swivel whilemaintaining contact pressure to track the stripe of the card beingswiped. Spring 20 is designed to be sufficiently small to fit within theminiaturized card reader 10, yet powerful enough to maintain goodcontact during the stripe. Unlike traditional spring structures, spring20 positions the supports for read head 20 inside the overall form ofthe spring, which allows the spring to flex without having to make onesupport moveable.

FIG. 8 depicts a flowchart of an example of a process to support swipingof a card with a magnetic stripe through a miniaturized portable cardreader. Although this figure depicts functional steps in a particularorder for purposes of illustration, the process is not limited to anyparticular order or arrangement of steps. One skilled in the relevantart will appreciate that the various steps portrayed in this figurecould be omitted, rearranged, combined and/or adapted in various ways.

In the example of FIG. 8, the flowchart 800 starts at block 802 where aminiaturized card reader is structured to provide sufficient contactbetween a read head and the magnetic stripe during a swipe of a card.The flowchart 800 continues to block 804 where a card with a magneticstripe is swiped through a slot of the miniaturized card reader. Theflowchart 800 continues to block 806 where the read head reliably readsdata stored in the magnetic stripe and generates an analog signal orwaveform indicative of data stored in the magnetic stripe. The flowchart800 continues to block 808 where amplitude of the waveform is set by thecircuitry inside the read head. The flowchart 800 ends at block 810where the set waveform is provided to a mobile device 100 connected withthe miniaturized card reader via the signal plug 18.

Passive ID Circuit

In some embodiments, housing 12 of card reader 10 may furtherencapsulate a passive ID circuitry 22 powered by the mobile device 100through signal plug 18, wherein passive ID circuitry 22 delivers anunique ID of the card reader to mobile device 100 only once upon thecard reader being connected to (and powered up by) the mobile device.Although both are integrated in the same housing 12, passive IDcircuitry 22 functions independently and separately from read head 18without interfering with the read head's card swiping functionsdescribed above.

FIG. 9 depicts an example of schematic diagram of passive ID circuitryembedded in the card reader. In the example of FIG. 9, passive IDcircuitry 22 may comprise at least five main subsystem/components:unique ID storage 24, communication subsystem 26, which reads andtransmits the unique ID from unique ID storage 24, power subsystem 28,which provides power to enable communication with mobile device 100, apathway subsystem 30 to route signals to signal plug 18 through thecircuitry, and a control unit 32, to orchestrate the communicationbetween different systems. All of these subsystems can be implemented inhardware, software or a combination thereof. Communication subsystem 26,power subsystem 28, and read head 16 share the same signal plug 18 forconnection with the mobile device. The components portrayed in thisfigure can be arbitrarily combined or divided into separate software,firmware and/or hardware components.

In the example of FIG. 9, unique ID storage 24 is memory containing theUnique ID of the card reader. The unique ID storage 24 can be anypersistent memory containing bytes that can be accessed by thecommunication subsystem 26.

In the example of FIG. 9, the power subsystem 28 comprises of a modifiedcharge pump, which utilizes a digital circuit to artificially raise thevoltage of a power source to a higher level. Normal charge pumpoperation requires large current which is then fed into severalcapacitors, and switching logic switches the capacitors between seriesand parallel configurations. In the example of FIG. 10, the power sourceis a bias voltage provided by the mobile device meant for detection of aconnected component. It is nominally 1.5V and is supplied through a 2 kΩresistor, resulting in a maximum current of 750 μA. Details of how thepower subsystem 28 function is described in FIG. 11.

In standard operation the pathway subsystem 30 is configured to directthe mobile device's 100 bias voltage to the power subsystem 28. Afterthe power subsystem converts the bias voltage to a system voltage, thecontrol unit 32 is able to operate. Control unit 32 configures thepathway subsystem 30 to allow the communication subsystem 26 access tothe mobile device 100. The communication subsystem 26 relays the uniqueID from the unique ID storage 24. The control unit 32 then configuresthe pathway subsystem 30 to allow the card reader circuit 16 access tothe mobile device 100.

FIG. 10 depicts an example of schematic diagram that contains additionalcomponents of passive ID circuitry 22 that contribute to the userexperience. These additional systems prevent the mobile device 100 fromperceiving that the card reader 10 has been disconnected during powercycles. These additional systems also ensure that the unique ID sentfrom unique ID storage 24 is sent as specified by the designer. Thisextra feature set comprises of a discharge subsystem 34 to force thedevice to power cycle, a fake load 36 so the mobile device 100 does notperceive a disconnect, and a monitor system 38 to manage card reader 10behavior between power cycles.

In the example of FIG. 10, communication subsystem 26 comprises a signaldriver connected with control unit 32 and unique ID storage 24. In anon-limiting embodiment of a system which sends an ID only once to amobile device 100, after the control unit 32 boots up, communicationsubsystem 26 will check a status bit in the monitor subsystem 38. Thefirst time this process occurs, the status bit will be not set. When thestatus bit is not set the ID is sent immediately. FIG. 12 contains adetailed flowchart of a non-limiting example of this process. In oneembodiment the control unit 32 will write to the status bit in monitorsubsystem 38. It will then use the discharge system 34 to reset itself.During this time the pathway subsystem 30 will be configured to directthe signal path to the fake load preventing the mobile device 100 fromdetecting a disconnect with the card reader 10. Once the power subsystem28 has completed its power cycle, the control unit 32 will read thestatus bit. Upon seeing that the status bit is cleared it will configurethe pathway subsystem 30 to direct the signal path to the card readercircuit 16. The control unit 32 will then put the system into anextremely low power state (from here referred to as a sleep state). Onlythe monitoring subsystem 38 will remain active. The monitor subsystem 38will wake the system from the sleep state at some time (time dependingon implementation) before a power cycle. The control unit 32 willnotified of the system awakening by the monitoring subsystem 38. Thecontrol unit 32 will then set the status bit on the monitor subsystem 38only if there is a voltage detected on the fake load indicating thereader is still connected. The control unit 32 will then force a powercycle.

FIG. 11 depicts an example of an implementation for passive ID circuitry22 depicted in FIG. 10. In some embodiments, power subsystem 28 hasmultiple capacitors in parallel. A voltage breaker (e.g., zener diodeetc) and a latch are used to trigger the transition between parallel andseries configurations. Once the latch is flipped, power subsystem 28will remain in series configuration until the combined voltage dropsbellow the CMOS trigger gate voltage at about 0.4V. At this time thepassive ID circuitry 22 will reset and the unique ID delivery processwill begin again

In the example of FIG. 11, pathway subsystem 30 comprises a plurality oflatches controlled by control unit 32 for switching among varioussubsystems of passive ID circuitry 22. When passive ID circuitry 22 isin operation, the default configuration allocates the output signalthrough signal plug 18 to modified charge pump of power subsystem 28.After the latch to turn off modified charge pump 28 is triggered,control unit 32 will route signal plug 18 from read head 16 tocommunication subsystem 26 and transmit the unique ID through signalplug 18 after checking the status bit in unique ID storage 24. Pathwaysubsystem 30 will then write to the status bit in unique ID storage 24and discharge the power subsystem 28. FIG. 12 depicts a flowchart of anexample of a process to deliver the unique ID to mobile device 100 viathe passive ID circuitry 22.

In some embodiments, passive ID circuitry 22 may further includeadditional encryption and/or decryption systems as shown in FIG. 13 forencrypting and decrypting of unique ID of card reader 10. In the exampleof FIG. 13, the decoding system 42 and encryption system 40 can both usethe control unit 32 from the passive ID circuitry 22 to communicate withthe mobile device 100 over the communication subsystem 26.

Signal Decoding

Once card reader 10 provides the set waveform to the attached mobiledevice 100, the incoming signals (waveform) may be amplified, sampled,and converted to a stream of digital values or samples by decodingengine 110 running via a microprocessor inside the mobile device. Here,decoding engine 110 may comprise a pipeline of software decodingprocesses (decoders) to decode and process the incoming signals asdescribed below, where each software process in this pipeline can beswapped out and replaced to accommodate various densities of track dataread in order to reduce card swipe error rate. The incoming signals maybe of low quality due to one or more of: low quality of data read from asingle and/or low density track of a magnetic stripe of the card,sampling speed limitations of the microphone input socket of the mobiledevice, and noise introduced into the mobile device 100 from card reader10. FIG. 14 depicts a flowchart of an example of a process to supportdecoding of incoming signals from swiping of a card with a magneticstripe through a miniaturized portable card reader.

In the example of FIG. 14, the flowchart 1400 starts at block 1402 wheredecoding engine 110 initializes its internal state by waiting for thesystem voltage to reach a steady state. Upon initial connection of acard reader, there is usually a burst of signal due to feedback causedby slight impedance mismatches and the presence of non-linear elementslike the read head. After at least 3 time constants, the signal isdetermined to be in a steady state. During such initialization phase,the DC offset of the incoming signals are computed when the mobiledevice is first connected to the card reader over signal plug 18. Insome embodiments, initialization goes through at least the followingsteps:

Take one system buffer of audio signal and compute the DC offset of thisbuffer.

Save the computed DC offset.

Compute the average of the last three DC offsets.

Compute the variance of the current DC offset from the average computedin step 3.

The following values presented were found to be optimum for performancein the decoding system. In the spirit of full disclosure they have beenprovided here to allow someone trained in the arts to be able toreplicate this process. It is fully realized that many other values canbe used here and depending on hardware implementation. The values hereare meant to be non-limiting. If the variance computed in step 4 is lessthan the variance threshold, 0.06% of full scale or less than the offsetpercentage, 10% of the offset average computed in step 3, and the DCoffset computed in step 1 is less than the noise ceiling, 3% of fullscale, of the mobile device 100. After initialization is complete,decoding engine 110 can proceed to process the incoming signals todetect the swipe of the card. Otherwise, Steps 1-4 need to be repeated.

The flowchart 1400 continues to block 1404 where decoding engine 110detects the card swipe once the incoming signals are in a steady state.This signal detection phase processes the incoming signals in steadystate in order to detect the presence of a swipe of a card through thecard reader. The signal detection phase is a light-weight procedure thatoperates at near real time. It parses the incoming signals quickly andstitches multiple system buffers of signals together to form a signal ofinterest. In some embodiments, the signal detection process goes throughat least the following steps:

Apply a software upscale of system buffers of the incoming signals.

Begin taking buffers of incoming signals and look for points that exceeda minimum signal amplitude threshold, which is a hardware-basedparameterization found empirically.

Set a flag that triggers the detection of a swipe once a single pointthat exceeds the threshold is detected.

Once the flag triggered, the incoming signal is appended to a largerbuffer until the signal drops below a minimum signal amplitude thresholdfor a certain period of time, e.g., 10 ms.

Trim the last 10 ms of data to reduce the amount of signal data to beprocessed later.

Check to see if at least a certain number of samples have been collectedin the buffer to make sure that there are enough information for laterdecoding. This number is parameterized based on the hardware of themobile device used.

Alternatively, a hardware independent swipe detection process can beutilized to capture the signal of interest via Fast Fourier Transform(FFT), while trimming the front and back of the signal. Such processwould include at least the following steps:

Retrieve system buffers of incoming signals and keep a certain number ofbuffers of history of the signals.

Compute the frequency distribution of the signal history kept via FFT.

Locate two maxima in the histogram and check if one maximum is locatedat 2× the frequency of the other maximum. If this condition issatisfied, continue to add on buffers of history that exhibit suchbehavior.

Once such behavior has stopped, begin removing signals from thebeginning and ending of the signals in the buffers until SNR ismaximized, wherein SNR is defined to be the two maxima's amplitudes thatare greatest from the next maximum.

The flowchart 1400 continues to block 1406 once a card swipe is detectedto be present where decoding engine 110 identifies peaks in the incomingsignals. Peak detection is the most complex portion of decoding ofincoming signals from credit card swipes, and credit card swipe decodeshave traditionally not been done on heavily filtered signals like thesignal that enters through the TRS plug, since most mobile devicemanufacturers assume the incoming signal is audio based. This results ina wide variety of signal filtering that peak detection must account for.Different peak detection approaches discussed below can be utilized bythe microprocessor to perform peak detection in the incoming signals indifferent ways, all applying a basic, moving average low-pass filter tosmooth out some of the high frequency noise in order to overcome the lowquality data read, sampling speed limitations of the mobile device, andthe noise introduced into the mobile device.

Reactive Peak Detection

Reactive peak detection is a heuristics based approach for peakdetection, which is well suited for situations where the incomingsignals from the card swipe is not excessively distorted by the mobiledevice's filter circuitry. This approach utilizes at least the followingsteps to detect signal peaks:

Seed an adaptive positive and adaptive negative threshold with anambient noise value that is dependent on the hardware of the mobiledevice. These thresholds will be used for initial peak detection.

Begin processing through the sample buffer, and for each sample in thebuffer:

Wait for the threshold to be crossed again when either the negative orpositive threshold is crossed, except with a hysteresis factor appliedto the threshold for the second crossing. The hysteresis factor is keyin making this approach resistant to ringing in the incoming signals,which is associated with the active filter(s) of the platform hardware.

Begin looking for slope changes within this time frame once the twosamples where the threshold is crossed have been established.

If more than one slope change is found, compute the midpoint of the twosamples.

If only a single slope change is detected, then, pick the maximum pointfor the slope change.

Compare the peak's amplitude to the previously found peak's amplitude(if this has been established).

Skip the current peak and move on if its amplitude is greater than(([full scale]−[current peak amplitude])/([full scale]*100)+100) % ofthe previous peak's amplitude.

If the prior step did not result in skipping of the peak, check thepeak's polarity against the previous peak's polarity.

If the peak's polarity is the same as the previous peak's polarity, thenremove the previous peak and put the current peak in its place.

If the polarity of the current peak has changed, then simply add thecurrent peak to the list of peaks. This step is another key componentfor making this approach resistant to ringing.

Upon the finding of a peak, update the adaptive threshold of thecorresponding polarity as the polarity of the peak just found and theamplitude to be a percentage of this peak's amplitude. Here, thepercentage is a parameter varied by the detection approach being used,since higher values more accurately detects peaks, but are not asresistant to noise, while lower values are more resistant to noise, butmay pick up errant peaks associated with ringing.

Predictive Peak Detection

Predictive peak detection defers the heavy processing to the digitizingstage of decoding. Predictive peak detection is highly resistant toscratches in the card that could cause low quality or false peakinformation to manifest in the incoming signals. This approach is morememory intensive than the reactive peak detection approach since morepeaks are stored. The approach utilizes at least the following steps todetect signal peaks:

Seed a positive and adaptive negative threshold with an ambient noisevalue that is dependent on the hardware of the mobile device.

Begin going through the sample buffer. For each sample in the buffer:

Begin waiting for the slope to change when either the positive ofnegative threshold is crossed.

When the slope changes, store the current sample as a peak.

Maxima Peak Detection

Maxima peak detection detects peaks by looking for local maxima andminima within a window of digital samples. If either of these is at theedges of the window of samples, then the approach skips the window andmoves to the next window to look for local maxima and minima. Theselocal maxima and minima are then stored into a list of peaks.

The flowchart 1400 continues to block 1408 where decoding engine 110identifies the track from which data of the incoming signals are readthrough the swipe of the card via the card reader. Traditionally, track1 and track 2 came off of different pins on the read head of a cardreader, and so there was no need to guess which track is being read.Since read head 16 in card reader is capable of reading only one trackof data from the magnetic stripe, track identification becomes animportant issue. This track identification process is run by detectionengine 110 after peaks are detected to guess and recognize the track(track 1 or track 2) from which the data is read by card reader byinferring a range of peaks to be expected for signals coming from eachtrack. Since track 1 is known to be much denser in data than track 2, itis thus reasonable to expect more peaks to be identified in data comingfrom track 1. Although this process is not a definitive guess, it yieldsthe correct track value 99.9% when coupled with the peak detectionalgorithms described herein in testing. Alternatively, track guessingcan be based on the number of bits found in the digital signals afterthe digitizing stage of decoding. When a decoder fails due to guessingthe wrong track (since track identification affects how the bits fromthe digital signals are framed and matched against character sets), thedecoder may simply choose another track type, though this makes the cardprocessing more processor intensive.

The flowchart 1400 continues to block 1410 where decoding engine 110digitizes the identified peaks in the incoming signals into bits. Thedigitizing process takes the given peak information turns them intobinary data and appends them to an array of digital bits. There are twotypes of digitizers: reactive digitizing and predictive digitizing.

Reactive Digitizing

Reactive digitizing takes the given peak information as fact, andattempts to convert them into 1 s and Os in the following steps:

Go through all peak information. For each peak:

Identify the distance between each pair of adjacent peaks.

If these distances are similar (e.g., based on a parameter for finding aseries of peaks that are equidistant from each other), begin looking for1 s and 0 s. The initial peaks always represent zeros, since the creditcard is padded with zeros at the front and back of the signal.

Once equidistant peaks are found, identify the number of samples betweenpeaks, which is the number of samples that roughly equate to a bit.

Examine the number of samples between the current peak and the nextpeak.

Examine the number of samples between the current peak and the peakafter the next.

Compare the results from Steps 5 and 6 against the value from Step 4:

If the result from Step 5 is closer to the value from Step 4, thenidentify the bit found as a 0.

If the result from Step 6 is closer, then identify the bit found as a 1.

Tie breaking: if the distances are equal and the next two peakamplitudes are smaller than the current peak amplitude, then identifythe bit found as a 1. Otherwise, identify the bit found as a 0.

Once the peak is determined, update the bit length based on the peakfound: if the peak found was a 0, update with the value of Step 5;otherwise, use the value of step 6.

Predictive Digitizing

Predictive digitizing of detected peaks in the incoming signals does nottreat the list of peaks as facts. It first finds bit length, and thenseeks to a point in the peak list where the next relevant peak shouldbe. Once it reaches this location, it then searches before and after thelocation for the nearest peak. The process then checks the polarity ofthis peak compared to the previous peak examined. If the polarities arethe same, the bit found is identified as a 1. Otherwise, it isidentified as a 0. This method of digitizing a peak list is effective inthat it simply ignores any information that is likely irrelevant.

The flowchart 1400 ends at block 1412 where decoding engine 110 convertsthe array of digitized bits into words of card information. Thisconverting process locates the bit sequence that is the start sentinelin the array. At that point, it takes frames of bits (e.g., 5 bits fortrack 2, 7 bits for track 1) and decodes them based on a symbol table.Along the way, the process constantly checks for parity and the LRC atthe end to ensure the data is correct. If there are any errors inparity, LRC, or track length, blocks 1406-1412 may be repeated with adifferent set of parameters to get the correct signal data.

When a card swipe begins, decoding engine 110 can combine various peakdetectors and digitizers discussed above in order to cover variousranges of degradation in quality of the analog input signal generated bycard reader 10. In some embodiments, different process combinations andparameters can be chosen and optimized depending on the hardwareplatform of the mobile device. These combinations and parameter valuescan be pre-determined based on experimentation and testing andinitialized upon starting of the decoding process. The decoding thenruns through all processes specified and runs certain specific processesmultiple times in order to get the correct signal. Such decoding processallows automatic scaling and adjustment during each run to account fordifferent amounts of noise, sampling speed variations, signal ringing,and swipe direction.

Card Present Transaction Without Information Sharing

In the example of FIG. 1, user interaction engine 120 is a softwareapplication running on mobile device 100 associated with a payee(merchant) that enables the payer (buyer) and the merchant to interactwith transaction engine 130 to complete a financial transaction. Morespecifically, it may take input of information related to the financialtransaction from the buyer and/or the merchant, provide such input totransaction engine to initiate and complete the transaction, and presentthe result of the transaction to the buyer and the merchant. Here, theinput of information accepted by user interaction engine 120 may includebut is not limited to one or more of: amount of the transaction,including list price and optionally tips, additional notes related tothe transaction such as written description and/or pictures of the itemto be purchased, authorization and/or signature of the buyer.

In some embodiments, other than the conventional keyboard, userinteraction engine 120 may utilize a touch screen of mobile device 100to enable the buyer and the merchant to input numbers, characters, andsignatures by touching the screen via a stylus or a finger.

In some embodiments, in addition to the result of the transaction, userinteraction engine 120 may also present products or services provided bythe merchant to the buyer in combination of one or more of text,pictures, audio, and videos, and enable the buyer to browse through theproducts and services on the mobile device to choose the one he/sheintended to purchase. Such product information can be stored and managedin product database 150.

In the example of FIG. 1, transaction engine 130 takes as its input thedecoded credit card information from decoding engine 110 and transactionamount from user interaction engine 120. Transaction engine 130 thencontacts third party financial institutions such as an acquiring bankthat handles such authorization request, directly or through a paymentsystem, which may then communicate with the card issuing bank to eitherauthorize or deny the transaction. If the third party authorizes thetransaction, then transaction engine 130 will transfer the amount ofmoney deducted from the account of the card holder (e.g., the buyer) toan account of the merchant and provide the transaction results to userinteraction engine 120 for presentation to the buyer and the merchant.In this manner, the merchant may accept a payment from the buyer viacard reader 10 and mobile device 100.

In the example of FIG. 1, although mobile device 100 is associated withthe merchant, transaction engine 130 running on mobile device 100protects the privacy of the buyer/payer during the card-presenttransaction by taking card information from the buyer directly fromdecoding engine 110 and do not share such information with the merchantvia user interaction engine 120. Here, the card information that are notshared with the merchant includes but is not limited to, card number,card holder's name, expiration date, security code, etc. In essence,transaction engine 130 serves as an intermediary between the buyer andthe merchant, so that the buyer does not have to share his/her cardinformation with the merchant as in a typical card-present transactionor an online transaction. Still, the buyer is able obtain an itemizedreceipt for the transaction completed as discussed later.

In some embodiments, although transaction engine 130 does not share cardinformation of the buyer to the merchant, it may present identityinformation of the buyer, such as a picture of the buyer on record inuser database 140, with the merchant via user interaction engine 120 sothat merchant can reliably confirm the identity of the buyer during thecard-present transaction to prevent credit fraud.

In the example of FIG. 1, user database 140, product database 150, andtransaction database 160 can be used to store information of buyer andthe merchant, products and services provided by the merchant, andtransactions performed, respectively. This information can also bestored by the payment system. Here, user information (e.g., name,telephone number, e-mail, etc.) can be obtained through online userregistration and product information can be provided by the merchant,while transaction database 160 is updated every time a transaction isprocessed by the transaction engine 130. Information stored can beselectively accessed and provided to the buyer and/or merchant asnecessary.

In the example of FIG. 1, transaction engine 130 communicates andinteracts with the third party financial institution directly or throughthe payment system, user database 140, product database 150, andtransaction database 160 over a network through the payment system (notshown). Here, the network can be a communication network based oncertain communication protocols, such as TCP/IP protocol. Such networkcan be but is not limited to, internet, intranet, wide area network(WAN), local area network (LAN), wireless network, Bluetooth, WiFi, andmobile communication network. The physical connections of the networkand the communication protocols are well known to those of skill in theart.

Dynamic Receipt

In various embodiments, upon the completion of a financial transactionthrough, for a non-limiting example, card reader 10 connected to mobiledevice 100 associated with a merchant, transaction engine 130 running onthe mobile device 100 can be configured to capture additional dataassociated with the transaction and incorporate the additional data intoa dynamic receipt for the transaction, wherein in addition totransaction information typically included in a conventional receipt,the dynamic receipt may also include additional environmentalinformation of the transaction. For non-limiting examples, the financialtransaction can be an electronic transaction conducted over the Internetor a card present point-of-sale transaction where the buyer/payer makesthe purchase at a store front, other “brick-and-mortar” location, orsimply in presence of a merchant/payee.

In some embodiments, the additional environmental information includedin the dynamic receipt may include information pertaining to thetransaction environment. In one non-limiting example, a mobile deviceequipped with a Global Positioning System (GPS) receiver can be used tocapture the coordinates/location of the transaction, and record it as apart of the information on the dynamic receipt. This way, the physicallocation of the point of sale (which may be different from themerchant/payee's registered address) can be recorded and used bytransaction engine 120 to verify the transaction. In anothernon-limiting example, a mobile device equipped with a camera and/oraudio and/or video recorder can be used to capture a photo and/or avideo and/or an audio recording of the product or service involved inthe transaction and incorporate such data or link/reference to such datainto the dynamic receipt. In another non-limiting example, a mobiledevice with a biometric scanner can be used to scan the fingerprint orpalm print of the buyer/payer and/or merchant/payee and includes atleast a portion of such information in the dynamic receipt. In anothernon-limiting example, the mobile device can record certain informationassociated with the transaction in the dynamic receipt, wherein suchinformation includes but is not limited to, how quickly the buyer swipesthe card, the angle at which the card is swiped. In another non-limitingexample, special characteristics of the card being swiped, also referredto as the magnetic fingerprint of the card, can be recorded and includedin the dynamic receipt.

In some embodiments, the dynamic receipt can be in electronic form thatcan be accessed electronically or online and may also include link orreference pointing to multimedia information such as image, video oraudio that are relevant to the transaction.

In some embodiments, transaction engine 130 can use the environmentalinformation included in the dynamic receipt to assess risk associatedwith a transaction. For a non-limiting example, if the GPS informationindicates that the transaction is taking place in a high crime/high riskarea, the risk associated with the transaction is adjusted accordingly,and the buyer's bank may be notified accordingly. Alternatively,biometric information scanned and included in the dynamic receipt can beused for identity verification purposes to prevent identity theft andcredit fraud.

In some embodiments, transaction engine 130 can use the dynamic receiptcan be used as a non-intrusive way to communicate with the buyer and/orthe merchant. For a non-limiting example, the additional informationincluded in the dynamic receipt can be used to make offers to the buyer.If a dynamic receipt includes the GPS location of the point of sale ofthe transaction, coupons or other promotional offers made by vendors atnearby locations can be presented to the buyer when the buyer chooses toview the receipt electronically online. Alternatively, if a specificproduct involved the transaction can be identified by the transactionengine either directly through product description or indirectly byanalyzing pictures or videos taken, offers of similar or complementaryproducts can be made by a vendor to the merchant of the product.

In some embodiments, transaction engine 130 may notify buyer and/or themerchant of the receipt via an electronic message, which can be but isnot limited to, an email message, a Short Message Service (SMS) message,Twitter, or other forms of electronic communication. The recipient ofthe electronic message may then retrieve a complete itemized dynamicreceipt online at his/her convenience via a telephone number on his/herrecord in user database 140 to retrieve his/her electronic receiptsstored in transaction database 160. In some embodiments, the electronicmessage may include an indication such as a code that the recipient canuse to retrieve the electronic receipt online as an alternative or incombination with the telephone number.

FIG. 15 depicts a flowchart of an example of a process to supportfinancial transaction between a payer and a payee through a miniaturizedcard reader connected to a mobile device. In the example of FIG. 15, theflowchart 1500 starts at block 1502 where an amount of a financialtransaction is provided through an interactive user application launchedon the mobile device as shown in FIG. 16( a). The flowchart 1500continues to block 1504 where a miniaturized card reader structured tominimize swipe error is connected to the mobile device as shown in FIG.16( b). The flowchart 1500 continues to block 1506 where a card isswiped through the card reader to initiate the financial transaction asshown in FIG. 16( c). The flowchart 1500 continues to block 1508 wherethe payer confirms the amount of the card-present transaction via asignature signed via the interactive user application on the mobiledevice to complete the transaction as shown in FIG. 16( d). Payments aremade with the use of the payment system which is coupled to the mobiledevice 100 Note that the signature is required as an additional layer ofconfirmation for the protection for the payer even when such signaturemay not be technically required to authorize the transaction. Theflowchart 1500 continues to block 1510 where result of the transactionis received and presented to the payer and/or merchant as shown in FIG.16( e) through the use of the payment system. The flowchart 1500 ends atblock 1512 where an electronic receipt of the transaction is provided tothe payer in the form of an electronic message as shown in FIG. 16( f).

In one embodiment, a longitudinal plane of the of the output jack 18lies within the plane that the card travels in the slot 14 within 5 mm,and in another embodiment within 3 mm.

Referring now to FIG. 17, in one embodiment of the present invention anintegrated read head system includes mobile device 212 with an audiojack 214 at least one microphone input port 216 and other ports,including but not limited to a USB port. A read head 218 is physicallycoupled to the mobile device 212. The read head 218 has a slot 220 forswiping a magnetic stripe of a financial transaction card to enable afinancial transaction between a buyer and seller with the paymentsystem. The read head 218 reads data on the magnetic stripe and producesa signal indicative of data stored on the magnetic stripe. The read head218 has an output jack 222 that physically connects the read head 218 toat least one of the audio jack 214 or microphone port 216 of the mobiledevice 212, the USB port and the like. The read head 218 provides thesignal to the mobile device 212. The signal is decoded at the mobiledevice 212. The decoding includes determining pulses in the signal andconverts at least some of the pulses to characters.

In another embodiment of the present invention, a method is provided forconducting a financial transaction with a financial transaction cardusing the integrated read head system 210.

In one embodiment of the present invention, as illustrated in FIG. 18, amethod of paying a second party (payee) is provided. In this embodiment,a first party (payer) views the names of one or more qualified secondparties. The qualified second parties are second parties that, (i) havean association with the payment service, and (ii) second parties that ifthey do not have an established association with the payment servicethen they have established one prior to payment. The first party has anassociation with the payment service. A tab is opened by the first partythat can be selected by the qualified second party at any geographiclocation of a first party's mobile device 100. The qualified secondparty is only able to charge a first party's financial account when thefirst party's mobile device 100 is within a defined geographic area. Thetab is a relationship between the first party, the payment service andthe qualified second party, The qualified second party can engage in afinancial transaction with the first party is within the definedgeographic area. The overall architecture of the payment system isillustrated in FIG. 19.

The first party's mobile device 100 is configured to communicate withthe payment service. The first party views the names of the one or morequalified second parties with the first party's mobile device 100. Thefirst party establishes the first party's financial account. The firstparty enters financial account information with a single initial entryto the payment service and additional entries of the financial accountinformation to the payment service are not required for future financialtransactions between the first party and any qualified second party whenthe same payment service is used.

The financial account is selected from at least one of, a bank account,credit card, debit card, pre-paid card, a second party financial accountand the like. The financial account is selected by the first party by atleast one of, use of a mobile device 100, from a bank terminal, doneon-line and the like. The first party's financial account can be afinancial transaction card, and the entering of the first party'sfinancial card information is with a mobile device 100. Entering of thefinancial card information can be done by, swiping the financialtransaction card through a slot of a card reader coupled to the mobiledevice 100, through a slot of the mobile device 100, by touch of thefinancial transaction card to the mobile device 100, by typing ininformation at the mobile device 100, with photos, by selecting a cardfrom an application on a mobile device 100, from an on-line entity andthe like. The mobile device 100 is a device as described above.

The qualified second party can see a list of first parties that have anassociation with the payment service. The qualified second party canview a list of first parties with open tabs. The list of first partiesseen by the qualified second party has first party identifyinginformation. The identifying information is anything that reliablyidentifies the first party and can include, but is not limited to,names, photos, cell number, social security number, e-mail address,other personal identifying information for a first party and the like.

In another embodiment, a method of paying a second party a first partyviews the names of one or more qualified second parties with a mobiledevice 100. Preferably, the mobile device 100 is the first party'smobile device 100. A tab is then opened by the first party as recitedabove that can be selected by the qualified second party at anygeographic location of the first party's mobile device 100, but thequalified second party is only able to charge a first party's financialtransaction card when the first party's mobile device 100 is within adefined geographic area In one embodiment, the mobile device 100 iscoupled to a card reader that includes an output jack adapted to beinserted at least one of the audio input port or microphone input port,USB port and the like of the mobile device 100 and delivers a signal tothe mobile device 100. In various embodiments, the sampling rate of thesignal at the audio input port or a line input port of the mobile device100 is at least 15 kHZ, 20 kHz., 30 kHz, 40 kHz and the like.

Entering of the financial card information can be achieved by a varietyof methods including but not limited to, swiping the financialtransaction card through a slot of a card reader coupled to the mobiledevice 100, through a slot of the mobile device 100, with a touch of thefinancial transaction card to the mobile device 100, typing ininformation at the mobile device 100, with photos, selecting a card froman application on a mobile device 100 and from an on-line entity and thelike.

A confirmation of payment can be made to the first party in response toa transfer of funds from the financial transaction card. In variousembodiments, the financial transaction card is selected from at leastone of, credit financial transaction card, debit financial transactioncard, gift financial transaction card, fund transfer financialtransaction card, other types of payment authenticating piece capable ofcarrying out a transfer of funds and the like, as set forth above.

In another embodiment of the present invention, illustrated in FIG. 20,a method is provided of conducing on-line purchases using a mobiledevice 100. A first party visits a second party on-line entity. Thefirst party accesses a second party on-line entity. The first party isalready registered with the payment service or becomes registered priorto the conclusion of completing a transaction. The mobile device 100 isconfigured to communicate with the payment service. The first partyconsiders conducting a transaction with the second party on-line entity.The second party on-line entity is registered with the payment service,or in response to the first party's desire to transact with the secondparty on-line entity, the second party on-line entity becomes registeredwith the payment service. The first party enters personal identifyinginformation that is sent to the payment service. In response, the firstparty receives a push notification to the first party's mobile device100 that enables the first party to complete the transaction with thesecond party on-line entity.

In various embodiments, the first party's personal identifyinginformation is entered by at least one of, use of a mobile device 100,from a bank terminal, done on-line and the like. For the transaction,the first party uses the first party's financial account. The firstparty enters financial account as recited above, which does not requirere-entry with the payment service for future transactions with secondparties that are also registered with the payment service.

In one embodiment, the first party uses the first party's financialtransaction card for the transaction where the card information isentered to the payment service as recited above. Additionally, the firstparty enters it's personal indentifying information with the paymentservice only once as recited above and need not re-enter for secondparty transactions.

In various embodiments, the on-line entity is any second party that cantransact business with the payment service including but not limited to,merchants, peers and the like.

In one specific embodiment, the first party enters its personalidentifying information, that is sent to the payment service, using thefirst party's mobile device 100. In this embodiment, the first party canuse a first party financial card to complete the transaction. The firstparty's mobile device 100 is coupled to a card reader that includes anoutput jack adapted to be inserted at least one of the audio input portor microphone input port, USB port and the like, of the mobile device100 and delivers a signal to the mobile device 100.

In another embodiment of the present invention, illustrated in FIG. 21,a method is provided for transferring funds to and/or from the firstparty's financial account. The first party's financial accountinformation is entered with a single initial entry to the paymentservice. Funds are transferred to and/or from the first party'sfinancial account using the payment service. The funds can betransferred to the first party, or to second parties. The first party'sfinancial account, including but not limited to a financial transactioncard can be the destination of the funds. A simple swipe of the firstparty's financial transaction card can make the financial transactioncard a funding source. The first party is either registered with thepayment service, or becomes registered prior to the transfer of funds toand/or from the financial account using the payment service. For futureuses of the first party's financial account, to transfer funds to and/orfrom the first party's financial account, the first party's financialaccount information need not be re-entered again with the paymentservice.

In another embodiment, funds are transferred from the first party'sfinancial account to a second party using the payment service.

In one embodiment, the second party is already registered with thepayment service or becomes registered with the payment service prior tothe transfer of funds from the first party. In another embodiment, thesecond party is not registered with the payment service.

In one specific embodiment, funds are transferred to and/or from thefirst party's financial account using the payment service, e.g., to thefirst party or to a second party, where the financial account is a bankaccount, credit card, debit card, pre-paid card, a third party fundingsource and the like. In another specific embodiment,

In another embodiment, the first party's financial card is entered witha single initial entry to the payment service using a mobile device 100.Again, for future uses of the first party's financial transaction cardto transfer funds using the payment service to a second party, the firstparty's financial transaction card information need not be enteredagain.

Again, the entering of the financial card information to the paymentservice can be achieved by, swiping the financial transaction cardthrough a slot of a card reader coupled to the mobile device 100,through a slot of the mobile device 100, with a touch of the financialtransaction card to the mobile device 100, typing in information at themobile device 100, with photos, selecting a card from an application ona mobile device 100, from an on-line entity and the like.

In another embodiment of the present invention, a method of conducting afinancial transaction includes the first party's financial accountinformation being entered once, e.g, with a single initial entry to thepayment service. For future uses of the first party's financial accountto transfer funds using the payment service to a second party, the firstparty's financial account information need not be entered again with thepayment service. The second party's personal identifying information isentered. Funds are transferred from the first party's financial accountto an account of the second party with the use of the payment service.

In another embodiment, the first party's financial transaction cardinformation is entered with a single initial entry to the paymentservice. Again, for future uses of the first party's financialtransaction card to transfer funds using the payment service to a secondparty, the first party's financial account information need not beentered again with the payment service. The second party's personalidentifying information is entered and funds are transferred from thefirst party's financial account to an account of the second party withthe use of the payment service.

In various embodiments, (i) the second party has an association with thepayment system, (ii) the first party and the second party each have anassociation with the payment system, (iii) the first party has anassociation with the payment system but the second party does not.

In one embodiment, the first party uses a send money mode of the firstparty's mobile device 100. In various embodiments, the second party is(i) anybody on the first party's phone list, (ii) not on the firstparty's phone list but is added to the first party's phone list inresponse to a transaction, (iii) the second party has an associationwith a payment system or is a database of the payment system, (iv) thesecond party does not have an association but then has one in responseto a text message or equivalent sent to the second party, and the like.In response to the text message, the second party either accepts orrejects.

In another embodiment, the first party's financial transaction cardinformation is entered with a single initial entry to the paymentservice. Again, for future uses of the first party's financialtransaction card information to transfer funds using the payment serviceto a second party, the first party's financial account information neednot be entered again with the payment service. The second party's mobiledevice 100 number is entered in the first party's mobile device 100. Inresponse, funds are transferred from the first party to an account ofthe second party.

In one embodiment of the present invention, the read head 310 readstrack 1 of the financial transaction card. Track 1 is 210 bytes per inchand is more difficult to decode than track 2. In one embodiment ofreading track 1, the signal is interpreted and transferred at a constantrate 2400 baud.

In another embodiment, the read head 310 is configured to be positionedto provide for rotation of up to 10 degrees while still registering on atrack to be read. The location of the read head 310 relative to themobile device 312, and the microphone port of the mobile device 312, isoff set from a center of track 1 in order to bias it to a bottom oftrack 1. As a non-limiting example, the offset can be 0.05 inches in thedirection x and 0.040 inches in the y direction.

In another embodiment, illustrated in FIG. 22, a spring member 314 isattached to the read head 310 that provides for increased accuracy andread head 310 adjustment by creating less friction on the financialtransaction card. The spring member 314 can be softer and be a one leafdesign retained on only one side. The spring member 314 can be acantilever spring member 314 with a pre-load onto an opposing wall on aback bone at an angle of about 3-7 degrees to ensure that the read head310 is substantially perpendicular to the magnetic strip when thefinancial transaction card is read. The spring member 314 can be part ofa sub-assembly 316 that is coupled to a PCB 318 at one end and coupledto the back bone 320.

In one embodiment, the mobile device 312 provides encryption andauthentication. In this embodiment, each card reader 322 can have aunique key that can be included in the microprocessor 324 of the PCB318. The financial transaction card is swiped and the signalinterpreted. The microprocessor 324 than encrypts the data using a HWIDand counter. The signal is encrypted when received at the mobile device312 with an ID and counter. The signal sent to the back end 326 of thepayment system where the identification of the read head 310 isdetermined and the signal is decrypted.

At the back end 326, the payment system can use HWID and decode theencrypted signal from the mobile device 312 using a hard functiondecode. Using HWID, encrypted hash function decode, the complete CC withCRC is reconstructed which is then sent to a payment gateway 328 asillustrated in FIG. 23. An acknowledgement of a good or bad transactionis then sent back to the mobile device 312.

As illustrated in FIG. 24, the output from a read of the track goes toan amplifier, differentiator, into a comparator and then into amicrocontroller. NEED A DRAWING The output to the comparator is analog,and digital into the microcontroller and into the mobile device 312.

Several fields of cardholder information are sent to the server at theback end 326 in either an encrypted or authenticated format. In oneembodiment, the protocol has several fields: length of message, counter,hardware id, authenticated message length, issue type, last 4 digits ofthe financial transaction card, cardholder name, PAN number, expirationdate, service code, and an authentication tag.

Referring to FIG. 25, in various embodiments, the card reader 322accepts a raw signal from the read head 310 and processes the financialtransaction card read on the fly. A CRC check is performed. The buyer'sname, type of financial transaction card from the ABA table, and thelast four numbers of the financial transaction card are in an encryptedpacket forwarded to the mobile device 312. In one embodiment part of theCC that are encrypted and parts are authenticated. In one specificembodiment, a 2400 baud 8-N-1 serial protocol is used in the packet sentto the mobile de vice. The mobile device 312 interprets the 2400 baudserial transmission and sends an encrypted packed with other financialtransaction card information to the backend 326 of the payment system.

Referring to FIG. 26, in one embodiment, the slot of the read head 310has directionality. In one embodiment, the slot has a wider entrancetrack and the read head 310 is biased in one direction. These enables auser to rock the financial transaction card through the slot more in onedirection that in the other. In one embodiment, the slot can have awider entrance track and the read head 310 is biased in one direction.These enables a user to rock the financial transaction card through theslot more in one direction that in the other.

The read head 310 can include a power source 330 as illustrated in FIG.27. The power source 330 can be a battery coupled to the microprocessor324. In another embodiment, power to the read head 310 is provided bythe mobile device 312. In one embodiment, wake-up detection is providedand the power source 330 is in a sleep mode until a swipe of atransaction card is initiated.

In one embodiment, the read head 310 is a four piece plastic mold. Thespring member 314 can be soldered onto the PCB 318 to form thesub-assembly 316.

As a non-limiting example, the read head housing 330 can be heat-stakedonto the back side of the backbone 320. The battery 330 can be attachedto the front side of the backbone 320 with PSA. With the front cover, itcan be attached to the backbone 320 using ultrasonic welding. A TRSconnector can be placed onto the back bone and the connection solderedto the PCB 318. The back cover can be attached to the backbone 320 tocomplete the assembly.

In various embodiments, the card reader 322 is coupled to various portsof the mobile device 312, including but not limited to the microphoneport, the USB port, accessory port.

In anther embodiment, the card reader is coupled to other ports of themobile device 100, including but not limited to the USB port, accessoryport and the like.

In one embodiment of the present invention, a method is provided ofconducting a financial transaction with reduced likelihood of fraud. Afinancial transaction is entered into using a first party's financialtransaction instrument to transfer funds. The first party's financialtransaction instrument information is sent externally to the mobiledevice 100. The financial transaction instrument information is sentfrom the financial transaction instrument such as a mobile device 100 toa payment system. A determination is made to see if if there isfraudulent use of the financial transaction instrument 100 prior tocompletion of the financial transaction. The mobile device 100 can be amerchant's mobile device 100. The determination of fraudulent use can bemade either at the mobile device 100 or the payment system. In oneembodiment, the first party's financial transaction instrumentinformation is only sent once to the mobile device 100 and need not bedone again for future purposes.

The financial transaction instrument 100 is selected from at least oneof those listed above, as well as a person's financial account and thelike.

In one embodiment, a location identifier is received from aposition-sensing device indicating a location where the request issubmitted or information that can lead to identification of the locationwhere the request is submitted. The position-sensing device can beselected from a group of eligible devices. Information identifying theselected position-sensing device can be received by the requestprocessor in advance of the request processor receiving the submittedrequest; and determining whether to service the request based at leastin part on the received location identifier or information. Thesubmission device can be embodied in an apparatus separate from anapparatus housing the position-sensing device. The submission device andthe position-sensing device can be integrated in the mobile device 100.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to a payment service. Funds are transferred to and/or fromthe first party's financial account using the payment service. The firstparty is registered with the payment service, or becomes registeredprior to transferring funds to and/or from the financial account usingthe payment service. For future uses of the first party's financialaccount to transfer funds to and/or from the first party's financialaccount, the first party's financial account information need not beentered again with the payment service. In response to, (i) entering thefirst party's financial account information or (ii) using the firstparty's mobile device 100 for a financial transaction following thesingle initial entry to the payment service, a determination is made tosee if a fraudulent attempt or fraudulent use of the first party'sfinancial account information is committed.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to a payment service. Funds are transferred from the firstparty's financial account to a second party using the payment service.The first party is either registered with the payment service, orbecomes registered prior to transferring funds to and/or from the firstparty's financial account using the payment service. For future uses ofthe first party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to the payment service. The first party's financialaccount is selected from at least one of, a bank account, credit card,debit card, pre-paid card and a third party funding source. Funds aretransferred to and/or from the first party's financial account using thepayment service. The first party is either registered with the paymentservice, or becomes registered prior to transferring funds to and/orfrom the financial account using the payment service. For future uses ofthe first party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial account information isentered using the first party's mobile device 100 with a single initialentry to a payment service. The first party's financial account isselected from at least one of, a bank account, credit card, debit card,pre-paid card and a third party funding source. Funds are transferredfrom the first party's financial account to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial account using the payment service. For futureuses of the first party's financial account to transfer funds to and/orfrom the first party's financial account, the first party's financialinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device 100 with asingle initial entry to a payment service. For future uses of the firstparty's financial transaction card to transfer funds to and/or from thefirst party's financial transaction card, the first party's financialtransaction card information need not be entered again with the paymentservice. In response to, (i) entering the first party's financialtransaction card information or (ii) using the first party's mobiledevice 100 for a financial transaction following the single initialentry to the payment service, a determination is made to see if afraudulent attempt or fraudulent use of the first party's financialaccount information is committed.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device 100 with asingle initial entry to a payment service. Funds are transferred fromthe first party's financial transaction card to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial transaction card using the payment service. Forfuture uses of the first party's financial transaction card to transferfunds to and/or from the first party's financial transaction card, thefirst party's financial transaction card information need not be enteredagain with the payment service the first party's financial. In responseto, (i) entering the first party's financial transaction cardinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party accesses names of one or morequalified second parties. The qualified second parties are defined assecond parties having an association with the payment service, andsecond parties that if they do not have an established association withthe payment service, have an established association with the paymentservice prior to payment. The first party has an association with thepayment service. A tab is opened by the first party that can be selectedby the qualified second party at any geographic location of a firstparty's mobile device 100. The qualified second party is only able tocharge a first party's financial account when the first party's mobiledevice 100 is within a defined geographic area. The tab is arelationship between the first party, the payment service and thequalified second party. The qualified second party can engage in afinancial transaction with the first party when the first party iswithin the defined geographic area. In response to the second party, (i)attempting to charge the first party or (ii) charging the first party, adetermination is made to see if a fraudulent attempt or fraudulent useof the first party's financial account is committed.

In another embodiment, names of one or more qualified second parties areaccessing by the first party with the first party's mobile device 100.The second parties have an association with the payment service, or ifnot have one prior to payment. The first party has an association withthe payment service. A tab is opened by the first party that can beselected by the qualified second party at any geographic location of thefirst party's mobile device 100. The qualified second party is only ableto charge a first party's financial transaction card when the firstparty's mobile device 100 is within a defined geographic area. Thequalified second party can engage in a financial transaction with thefirst party when the first party is within the defined geographic area.In response to the use of the first party's mobile device 100 to pay thesecond party, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

In another embodiment, a first party accesses a second party on-lineentity. The mobile device 100 is configured to communicate with thepayment service. The first party considers conducting a transaction withthe second party on-line entity. The second party on-line entity isregistered with the payment service or in response to the first party'sdesire to transact with the second party on-line entity, the secondparty on-line entity becomes registered with the payment service. Thefirst party enters personal identifying information that is sent to thepayment service. The first party receives a push notification to thefirst party's mobile device 100 that enables the first party to completethe transaction with the second party on-line entity. In response to thefirst party receiving the push notification to the first party's mobiledevice 100, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

In another embodiment, a first party visits a second party on-lineentity. The first party considers conducting a transaction with thesecond party on-line entity. The first party enters personal identifyinginformation using the first party's mobile device 312 and this is sentto the payment service. The first party receives a push notification ofthe first party's mobile device 312 that enables the first party tocomplete the transaction with the second party on-line entity. Inresponse to the first party receiving the push notification to the firstparty's mobile device 312, a determination is made to see if afraudulent attempt or fraudulent use of the first party's financialtransaction card is committed.

Referring now to FIG. 28, a mobile device 412 can include a positionsensor 416. In this embodiment, the mobile device receives financialtransaction card information by any of the methods listed above. Thefinancial transaction card information is sent from the mobile device toa payment system for processing. The mobile device 412 can be capable oftransmitting position information to the payment system and can includea position sensor 416 configured to detect a position of the mobiledevice and send this position information to the payment processingsystem via a variety of methods including but not limited to wirelessand the like. Mobile device 412 can send the financial card transactioninformation substantially simultaneously and position information topayment system. Payment system 414 can includes an associated databaseof permissible and/or impermissible use areas for a particular user'smobile device 412.

Payment system 414 can be configured to check position information ofthe mobile device 412 against the permissible and/or impermissible useareas for each user, and thereby determine if the device is being usedin an impermissible use area for the user. If so, the payment system 414is configured to indicate that a possibility of fraud exists in thepending transaction. If the possibility of fraud is detected, the systemmay be configured to take an action, such as preventing fulfillment ofthe transaction due to the possibility of fraud.

The payment system 414 can be as described above and can include aconventional computing system with storage medium having programminginstructions designed to implement the present invention, and one ormore processors to execute the programming instructions.

In one embodiment, when a financial transaction cardholder is issued afinancial transaction card, the cardholder may be asked to give thegeographic location of their home and office, as well as any otherlocations that the cardholder frequently place on-line orders and usethe credit card. This information may be obtained during the applicationprocess or on an ongoing basis. The information may be entered into adatabase.

Thus, when a financial transaction is conducted using a mobile device412 current location information can be provided to the payment system414 where a check can be performed for whether the financial transactionis being conducted from a permissible location. If the financialtransaction is not being conducted from a permissible location, thefinancial transaction may be rejected. Additionally, a warning in theform of a message and/or a call may be provided to the financialtransaction cardholder.

Referring to FIG. 29, in another embodiment, a card reader 416, whichcan be any of the card readers described herein, can include a positionsensor 416. In a financial transaction, the position of the card reader416 is determined when a financial transaction is entered into, whereinfinancial card transaction information can be sent to the mobile device412, and then sent to payment system 414.

The payment processing system 414 can detect the position of the cardreader 418 and therefore, the position of the payment device in apayment device-present transaction

In another embodiment, a position sensing device 420 can be included.The position-sensing device 420 can be configured to send positioninformation to a position tracking system 422. The communication linkbetween position tracking system 422 and position-sensing device 420 maybe a satellite link such as used in a global positioning satellitesystem, radio frequency link, optical link such as infrared, orvirtually any other communication link suitable for use in positiondetection.

As shown in FIG. 30, a security device-present transaction system 424can be utilized and can utilize location indicators, alone or incombination with other parameters, to determine the security clearancefor access to a particular secured location. Security device-presenttransaction system 424 can include a security device 426 configured tobe read by a security device reader 428. Security device 426 may be acard or badge encoded with security information, such as an access code,a mobile device, a card reader and the like, configured to transmitsecurity information to security device reader 424 via an infrared orother communication link. Further, the security device may be any otherdevice capable of providing the appropriate security and positioninformation to security device reader 424. In particular, securitydevice 426 may include a position sensor 416, configured to transmitinformation about its relative geographical location.

Security access control system 430 is further configured to detect thelocation or position of security device 426 and/or security reader 428by the position information received from position sensor 416.Alternatively, the security access control system 430 can be configuredto detect the position of the security device reader (and therefore theposition of the security device in a device-present transaction), byresolving a security identifier using a database of known securityidentifier locations. For example, the security identifier 1234567 maycorrespond to a gated entrance to a secured building.

In order to detect an improper use of security device 426, securityaccess control system 430 is configured to compare the position ofposition-sensing device 416 the location or position of a currenttransaction involving security device 426 (i.e., the location orposition of security device 426 and/or security device reader 428). Ifthe locations of the position-sensing device 416 and the security device426 are different, or alternatively, if the locations ofposition-sensing device 416 and security reader 428 are different, thenthe security access control system is configured to determine that thereis a possibility of improper use of the security device in the currenttransaction.

Upon determining the possibility of improper use, the system 430 isconfigured to take a designated action, such as warning a securityattendant and/or by automatically locking an entrance to a secured area.

The security control system may be implemented with conventionalcomputing system with storage medium having programming instructionsdesigned to implement the present invention, and one or more processorsto execute the programming instructions.

The foregoing description of various embodiments of the claimed subjectmatter has been provided for the purposes of illustration anddescription. It is not intended to be exhaustive or to limit the claimedsubject matter to the precise forms disclosed. Many modifications andvariations will be apparent to the practitioner skilled in the art.Particularly, while the concept “component” is used in the embodimentsof the systems and methods described above, it will be evident that suchconcept can be interchangeably used with equivalent concepts such as,class, method, type, interface, module, object model, and other suitableconcepts. Embodiments were chosen and described in order to bestdescribe the principles of the invention and its practical application,thereby enabling others skilled in the relevant art to understand theclaimed subject matter, the various embodiments and with variousmodifications that are suited to the particular use contemplated.

1. A method for detecting fraudulent use of a party's financial accountinformation, comprising: comprising: entering a first party's financialaccount information using the first party's mobile device with a singleinitial entry to a payment service; transferring funds to and/or fromthe first party's financial account using the payment service, the firstparty being registered with the payment service, or becomes registeredprior to transferring funds to and/or from the financial account usingthe payment service, wherein for future uses of the first party'sfinancial account to transfer funds to and/or from the first party'sfinancial account, the first party's financial account information neednot be entered again with the payment service; and in response to, (i)entering the first party's financial account information or (ii) usingthe first party's mobile device for a financial transaction followingthe single initial entry to the payment service, determining if afraudulent attempt or fraudulent use of the first party's financialaccount information is committed.
 2. A method for detecting fraudulentuse of a party's financial account information, comprising: comprising:entering a first party's financial account information using the firstparty's mobile device with a single initial entry to a payment service;transferring funds from the first party's financial account to a secondparty using the payment service, the first party being registered withthe payment service, or becomes registered prior to transferring fundsto and/or from the first party's financial account using the paymentservice; wherein for future uses of the first party's financial accountto transfer funds to and/or from the first party's financial account,the first party's financial account information need not be enteredagain with the payment service; and in response to, (i) entering thefirst party's financial account information or (ii) using the firstparty's mobile device for a financial transaction following the singleinitial entry to the payment service, determining if a fraudulentattempt or fraudulent use of the first party's financial accountinformation is committed.
 3. The method of claim 2, wherein the mobiledevice includes a position sensor.
 4. The method of claim 2, wherein acard reader includes a sensor and is coupled to the mobile device.
 5. Amethod for detecting fraudulent use of a party's financial accountinformation, comprising: comprising: entering a first party's financialaccount information using the first party's mobile device with a singleinitial entry to a payment service, the first party's financial accountbeing selected from at least one of, a bank account, credit card, debitcard, pre-paid card and a third party funding source; transferring fundsto and/or from the first party's financial account using the paymentservice, the first party being registered with the payment service, orbecomes registered prior to transferring funds to and/or from thefinancial account using the payment service; wherein for future uses ofthe first party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service; and inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, determining if a fraudulent attempt or fraudulent use of thefirst party's financial account information is committed.
 6. The methodof claim 5, wherein the mobile device includes a position sensor.
 7. Themethod of claim 5, wherein a card reader includes a sensor and iscoupled to the mobile device.
 8. A method for detecting fraudulent useof a party's financial account information, comprising: comprising:entering a first party's financial account information using the firstparty's mobile device with a single initial entry to a payment service,the first party's financial account is selected from at least one of, abank account, credit card, debit card, pre-paid card and a third partyfunding source; transferring funds from the first party's financialaccount to a second party using the payment service, the first partybeing registered with the payment service, or becomes registered priorto transferring funds to and/or from the first party's financial accountusing the payment service, wherein for future uses of the first party'sfinancial account to transfer funds to and/or from the first party'sfinancial account, the first party's financial information need not beentered again with the payment service; and in response to, (i) enteringthe first party's financial account information or (ii) using the firstparty's mobile device for a financial transaction following the singleinitial entry to the payment service, determining if a fraudulentattempt or fraudulent use of the first party's financial accountinformation is committed.
 9. The method of claim 8, wherein the mobiledevice includes a position sensor.
 10. The method of claim 8, wherein acard reader includes a sensor and is coupled to the mobile device.
 11. Amethod for detecting fraudulent use of a party's financial transactioncard information, comprising: entering a first party's financialtransaction card information using the first party's mobile device witha single initial entry to a payment service; wherein for future uses ofthe first party's financial transaction card to transfer funds to and/orfrom the first party's financial transaction card, the first party'sfinancial transaction card information need not be entered again withthe payment service; and in response to, (i) entering the first party'sfinancial transaction card information or (ii) using the first party'smobile device for a financial transaction following the single initialentry to the payment service, determining if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.
 12. The method of claim 11, wherein the mobile deviceincludes a position sensor.
 13. The method of claim 11, wherein a cardreader includes a sensor and is coupled to the mobile device.
 14. Amethod for detecting fraudulent use of a party's financial transactioncard information, comprising: entering a first party's financialtransaction card information using the first party's mobile device witha single initial entry to a payment service; transferring funds from thefirst party's financial transaction card to a second party using thepayment service, the first party being registered with the paymentservice, or becomes registered prior to transferring funds to and/orfrom the first party's financial transaction card using the paymentservice, wherein for future uses of the first party's financialtransaction card to transfer funds to and/or from the first party'sfinancial transaction card, the first party's financial; and in responseto, (i) entering the first party's financial transaction cardinformation or (ii) using the first party's mobile device for afinancial transaction following the single initial entry to the paymentservice, determining if a fraudulent attempt or fraudulent use of thefirst party's financial account information is committed.
 15. The methodof claim 14, wherein the mobile device includes a position sensor. 16.The method of claim 14, wherein a card reader includes a sensor and iscoupled to the mobile device. 17-28. (canceled)